4 Password managers to secure your logins
We all work on computers and have online accounts, which means passwords.
With all the security breaches and flows discovered almost daily, storing your password and crucial data in a safe place is very important. More than this, all the security experts highly recommend using one password only once. But that means thousands of passwords!
How to deal with that huge amount of passwords no one can remember? This answer is simple: use a password manager. Thus you have to remember only one password often called master password for the password manager.
In this article we are going to talk about password managers, both online clouds based and offline that stores the data on your local machine which can be synced on the cloud for backup purposes.
The offline version gives you more control over your data but you should have a backup plan in mind by synchronizing the passwords database in the cloud so you never miss your passwords.
A simple Google search will show you lots of password manager options available. But I'm writing this not for the sake of content. Instead, I would like to recommend to you the best possible apps for storing your passwords.
I'm going to talk about four of them that have a good reputation in terms of security and stability.
The two password managers mentioned are cloud-based, which means your passwords are stored on the providers' cloud servers and the other two password managers will be offline which means you use dedicated software to manage the password databases and the data is stored on your local machine.
For the cloud-based managers, we often use browser extensions and mobile apps while for the offline managers we will use dedicated software with a browser autofill support thanks to the extensions.
Crucial things to do while using a password manager
Having all passwords in one place means a lot of security risks. If an attacker can gain access to your password manager, this exposure all your passwords for all services you saved there.
So you have to take precautions and make sure no one ever can get access to your password manager. And you need to make sure you'll never get yourself locked out of your passwords.
Here are the things you should consider and implement when using a password manager:
- Never use the password for password manager somewhere else. Not for email, not for another password manager, but only for the current password manager.
- Use a strong complicated password for your password manager which should include letters (including capital letters), numbers, and at least 1-2 symbols. The password should be at least 20 characters, but 24 characters are more recommended.
- Make it complicated but memorable for yourself because you shouldn't s store it elsewhere. For this reason, you have to repeat it a lot and enter it many times to make sure you remember it.
- Whether possible, use a 2-factor authenticator for the password manager. For this purpose, we can use Google Authenticator for Android and iOS. But make sure you backup the QR code in case you lose your mobile. The backed-up QR-code can be stored in an encrypted ZIP archive for security purposes.
- Never use SMS as a two-factor authenticator (2FA) for password managers. Why? Because SMS security is so weak that I have no idea why it's still used. SMS is proven to be weak and it can be faked in multiple ways. So for non-crucial services, the SMS as 2FA may be used but never for a password manager.
- Always make backups of your passwords database whether is an online hosted-based service or the offline one, you should export (in the case of hosted managers) and make copies of the passwords database regularly. Usually, such a database will have under a megabyte in size and compressed (recommended encrypted .7z archive with ultra compression) version will have only a few hundred kilobytes so it won't use your disk space but you can always get back and find an old password.
- When exporting passwords from a hosted password manager, always export it as an encrypted version so as not to leave anyway for your passwords to be exposed.
- Always secure your personal computer with anti-virus, anti-malware, and firewall software (optional but highly recommended). If your computer is compromised and has a keylogger installed then all your passwords are in trouble.
- Never use your password manager on a public computer or on a computer that's not your own. If you need to enter a password on a third-party computer it is recommended to always have the mobile version of the used password manager so you can just check and enter only the password for the login you need.
Am I paranoid enough with the above-mentioned? Maybe, but if your password manager is compromised, so is your online life among your bank accounts and ultimately your money!
And in the upcoming years, the cyber attacks and security breaches will only increase. So, now you know, and you're warned to take all the precautions possible.
Let's begin now with the password managers.
Bitwarden
Bitwarden password manager was rising as an alternative to the popular manager LastPass when the last was acquired by another company, tied plans, increased prices, and forced lots of users to find an alternative.
Bitwarden can be considered a great or better alternative with some unique features and transparency by being open-sourced.
This password manager is available for all popular browsers, mobile devices Android, and iOS and even more, it has native desktop apps for Windows, Mac OS, and Linux.
Bitwarden is secured, has 2-factor authentication (2FA) using a mobile application of choice, and even biometric authentication is possible as 2FA.
Bitwarden is free for unlimited passwords and devices but lets you upgrade for premium if you need extra features like using the YubiKey device for 2FA, using for organizations, and more. It has a simplified interface without any bulky stuff.
A great feature and may be unique is the possibility to self-host it on your server. Thus you have even more control over your data and don't depend on server availability (i.e in case their services are compromised, under attack, etc.).
Check out Bitwarden and make it your password manager @ bitwarden.com
LastPass
LastPass is one of the first password managers with millions of users worldwide.
Being one of the password manager pioneers, LastPass is a very popular, secured, and advanced password manager with many features built-in mind, including 2-factor authentication and more.
LastPass is available for all popular browsers, and mobile devices and has some desktop versions also. In the vault, you can store not only passwords but also security notes, addresses, payment cards, and bank accounts.
You can share your passwords with others using the LastPass password share functionality and have a shared folder where passwords will be available to the participants once added.
For website logins, it has pre-added equivalent domains for popular websites like google.com and youtube.com (which share the same credentials) and you can also add your own.
When it comes to 2-factor authentication, LastPass is the king, allowing you to use multiple options like Google Authenticator, Microsoft Authenticator, LastPass own multifactor, toopher, Duo Security, offline version with a printable spreadsheet of codes, hardware devices like YubiKey and the fingerprint scanner on your device and even some more options.
With LastPass, you can set to allow logins only from certain countries, prohibit logins from the Tor network, and extra security features for creating a super-safe environment.
With that amount of features, LastPass can be considered very secure and trustful.
However it comes with some downsides and that is, of course, the price. LastPass is free but it has added many limits last year. Now it is possible to use it for a limited number of devices and restricted to be used for the same type of device i.e only browser extensions or only mobile apps.
But for those who are ready to pay for a password manager, LastPass is a great choice!
Try and install LastPass @ lastpass.com
KeePassXC
KeePassXC is an offline password manager software that stores all passwords in an encrypted file on your local (or network) computer disk.
It is a fork of a popular password manager KeePass and has made its way of development because the classic KeePass was rarely updated missing new features and improvements.
KeePassXC is a default password manager of choice for many Linux desktop distributions which proves its stability and ongoing development. It is available for Windows, macOS, and Linux, and has unofficial versions for iOS and Android.
KeePassXC is a safe and secure password manager with the possibility to import your passwords from other managers like classic KeePass, 1Password, or exported CSV files.
You can secure your database file with a password along with an additional (and optional) key file (i.e stored on a flash drive) or hardware authenticator YubiKey and OnlyKey. The additional security options make it even more secure so the password won't be enough to open the database file making it impossible for keyloggers to break your security.
KeePassXC has great features making it a very powerful app for your passwords and secret data.
Here are some of its great built-in features:
- Strong password generator
- Password groups and sub-groups
- Recycle bin or deleted passwords
- Password history with unlimited items
- Browsers integration using extensions
- Custom icons and website favicons
- Password expiration and additional attributes
- Attachments and tags for each login
- Clipboard auto-clear and database auto-lock
- SSH agent integration and a lot more...
To have all your password in one place means available on different devices you can just store the passwords database .kdbx
file on your files cloud service of choices like Dropbox or Google Drive.
The pros of KeePassXC are that you own your data and you can store it anywhere you want. The cons are that you need the app to open the passwords database and you need the database file itself, unlike hosted solutions where you can just go to a website and access your passwords.
You can download the KeePassXC @ keepassxc.org
Enpass
Enpass is another great password manager with a modern user interface that will make your work with it more pleasant.
With Enpass you can store pretty much everything from passwords to software licenses. Here is a list of data types you can store with Enpass which will make you think of using it.
You can securely store the following type of information with Enpass:
- Logins and passwords
- Credit card information
- Identities and addresses
- Security notes
- Bank accounts information
- Insurance and investment data
- Licenses, including driving, software, etc.
- Travel info like passport data and visas
- PC related like databases, Wi-Fi passwords
- Contacts, loyalty cards, voter card
- and a lot more...
With its clean and modern interface, Enpass is a pure joy to use and because you will use it often this is a great bonus.
Enpass is available for almost every device you use including Windows, macOS, Linux, browser extensions (yes, it'll work on Chromebook also), and proprietary apps for mobile divices Android and iOS. And it has portable versions for desktops means you can run it from a USB flash drive.
You can synchronize the database on the cloud with OneDrive, Dropbox, Google Drive, iCloud, Nextcloud, and more... It will also make data backups for you automatically.
Enpass has a great built-in password generator, export data feature, and also importing passwords from other password managers like 1Password, Bitwarden, LastPass, KeePass, Roboform, Dashlane, exported CSV spreadsheet, and more.
It has also security features like clipboard auto-clear, quick unlock with PIN, auto-lock on idle state and so many other features that will make this article too long.
Download Enpass password manager @ www.enpass.io
What's your favorite password manager?
Please let us know in the comments!
Found this article useful? Please share it!
It'll take you a few seconds to share but it will mean a lot for me!
Thanks for sharing and Subscribe to our Newsletter!